Secunia Security Advisory – A vulnerability has been reported in the Tip-A-Friend extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88744/sa39425.txt
Source: https://packetstormsecurity.com/files/88744/Secunia-Security-Advisory-39425.html